Lucene search
GoogleOSV:PYSEC-2014-97HistoryJan 07, 2014 - 6:55 p.m.
PYSEC-2014-97
2014-01-0718:55:00
Google
osv.dev
7
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache-libcloud | eq | 0.12.4 | |
| apache-libcloud | eq | 0.13.0 | |
| apache-libcloud | eq | 0.13.1 | |
| apache-libcloud | eq | 0.13.2 | |
| apache-libcloud | eq | 0.12.3 |
Related
fedora
fedora
[SECURITY] Fedora 20 Update: python-libcloud-0.13.3-1.fc20
2014-01-12 05:04:53
[SECURITY] Fedora 18 Update: python-libcloud-0.13.3-1.fc18
2014-01-12 05:03:50
[SECURITY] Fedora 19 Update: python-libcloud-0.13.3-1.fc19
2014-01-12 05:01:43
securityvulns
securityvulns
[CVE-2013-6480] Libcloud doesn't send scrub_data query parameter when destroying a DigitalOcean node
2014-01-08 00:00:00
Apache libcloud pritection bypass
2014-01-08 00:00:00
openvas
openvas
Fedora Update for python-libcloud FEDORA-2014-0159
2014-01-13 00:00:00
Fedora Update for python-libcloud FEDORA-2014-0129
2014-02-03 00:00:00
Fedora Update for python-libcloud FEDORA-2014-0129
2014-02-03 00:00:00
prion
prion
Design/Logic Flaw
2014-01-07 18:55:00
seebug
seebug
Apache Libcloud Digital Ocean API本地信息泄露漏洞
2014-01-03 00:00:00
nessus
nessus
openSUSE Security Update : python-apache-libcloud (openSUSE-SU-2014:0198-1)
2014-06-13 00:00:00
Fedora 20 : python-libcloud-0.13.3-1.fc20 (2014-0129)
2014-01-13 00:00:00
Fedora 18 : python-libcloud-0.13.3-1.fc18 (2014-0159)
2014-01-13 00:00:00
osv
osv
Libcloud does not properly scrub data when destroying a DigitalOcean node
2022-05-14 02:54:05
cve
cve
CVE-2013-6480
2014-01-07 18:55:00
github
github
Libcloud does not properly scrub data when destroying a DigitalOcean node
2022-05-14 02:54:05
debiancve
debiancve
CVE-2013-6480
2014-01-07 18:55:00
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
Related for OSV:PYSEC-2014-97